feat: Add advanced NAS performance optimizations

- Memory optimization: vm.swappiness=10, vm.vfs_cache_pressure=50 - Enhanced Docker configuration with overlay2 and log rotation - Webmin web interface integration with firewall configuration - Multi-distribution Webmin support (Ubuntu/Debian, Fedora, openSUSE) - SSL configuration and session timeout optimization - Updated documentation and installation summary - Enterprise-grade performance tuning for NAS workloads
2025-10-03 08:10:28 +02:00
parent 081e32ed43
commit b0340adf03
7 changed files with 222 additions and 11 deletions
--- a/lib/docker.sh
+++ b/lib/docker.sh
@@ -52,14 +52,15 @@ install_docker() {
    handle_error sudo systemctl enable docker
    handle_error sudo systemctl start docker

-    # Configure Docker data directory
+    # Configure Docker data directory and optimization
    if [[ "$DOCKER_DATA_DIR" != "$DEFAULT_DOCKER_DATA_DIR" ]]; then
        log_info "Configuring Docker data directory to $DOCKER_DATA_DIR..."
        handle_error sudo mkdir -p "$DOCKER_DATA_DIR"
-        echo "{\"data-root\": \"$DOCKER_DATA_DIR\"}" | sudo tee /etc/docker/daemon.json > /dev/null
-        handle_error sudo systemctl restart docker
    fi
-
+    
+    # Create optimized Docker daemon configuration
+    configure_docker_daemon
+    
    export DOCKER_CONTENT_TRUST=1

    log_info "Docker installed successfully."
@@ -75,3 +76,44 @@ install_docker() {
    echo "5. Enable linger for the user:"
    echo "   sudo loginctl enable-linger \$(whoami)"
 }
+
+# Configure optimized Docker daemon
+configure_docker_daemon() {
+    log_info "Configuring optimized Docker daemon..."
+    
+    sudo mkdir -p /etc/docker
+    
+    # Create optimized daemon.json
+    cat << EOF | sudo tee /etc/docker/daemon.json
+{
+  "storage-driver": "overlay2",
+  "log-driver": "json-file",
+  "log-opts": {
+    "max-size": "10m",
+    "max-file": "3"
+  },
+  "exec-opts": ["native.cgroupdriver=systemd"],
+  "live-restore": true,
+  "userland-proxy": false,
+  "experimental": false,
+  "metrics-addr": "0.0.0.0:9323",
+  "default-ulimits": {
+    "nofile": {
+      "Hard": 64000,
+      "Name": "nofile",
+      "Soft": 64000
+    }
+  }
+EOF
+    
+    # Add data-root if custom directory is specified
+    if [[ "$DOCKER_DATA_DIR" != "$DEFAULT_DOCKER_DATA_DIR" ]]; then
+        # Modify the daemon.json to include data-root
+        sudo sed -i "s|{|{\n  \"data-root\": \"$DOCKER_DATA_DIR\",|" /etc/docker/daemon.json
+    fi
+    
+    # Restart Docker to apply configuration
+    handle_error sudo systemctl restart docker
+    
+    log_success "Docker daemon optimized"
+}
--- a/lib/performance.sh
+++ b/lib/performance.sh
@@ -6,6 +6,9 @@
 optimize_system_performance() {
    log_info "Optimizing system performance..."
    
+    # Memory optimization for NAS workloads
+    configure_memory_optimization
+    
    # Optimize kernel parameters
    sudo tee -a /etc/sysctl.conf > /dev/null <<EOF

@@ -56,6 +59,25 @@ EOF
    log_success "System performance optimized"
 }

+# Memory optimization for NAS workloads
+configure_memory_optimization() {
+    log_info "Configuring memory optimization for NAS workloads..."
+    
+    cat << EOF | sudo tee /etc/sysctl.d/99-nas-optimization.conf
+# NAS Memory Optimization for better file caching
+vm.swappiness=10
+vm.vfs_cache_pressure=50
+EOF
+    
+    # Apply immediately
+    sudo sysctl -p /etc/sysctl.d/99-nas-optimization.conf
+    
+    # Add to rollback
+    add_rollback_action "sudo rm -f /etc/sysctl.d/99-nas-optimization.conf && sudo sysctl -p"
+    
+    log_success "Memory optimization configured"
+}
+
 # Create performance monitoring script
 create_performance_monitor() {
    sudo tee /usr/local/bin/nas-performance > /dev/null <<'EOF'
--- a/lib/webmin.sh
+++ b/lib/webmin.sh
@@ -0,0 +1,118 @@
+#!/bin/bash
+
+# Webmin installation and configuration
+
+install_webmin() {
+    if [[ "${INSTALL_WEBMIN:-false}" != "true" ]]; then
+        return 0
+    fi
+
+    log_info "Installing Webmin web interface..."
+
+    case $DISTRO in
+        ubuntu|debian)
+            # Download and run Webmin setup script
+            handle_error curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
+            handle_error sudo bash setup-repos.sh
+
+            # Install Webmin
+            handle_error sudo apt update
+            handle_error sudo apt install -y webmin
+
+            # Clean up setup script
+            rm -f setup-repos.sh
+            ;;
+        fedora)
+            # Add Webmin repository
+            handle_error sudo curl -o /etc/yum.repos.d/webmin.repo https://raw.githubusercontent.com/webmin/webmin/master/webmin.repo
+            handle_error sudo dnf install -y webmin
+            ;;
+        opensuse)
+            # Add Webmin repository
+            handle_error sudo zypper addrepo -f https://download.webmin.com/download/yum/webmin-suse.repo
+            handle_error sudo zypper refresh
+            handle_error sudo zypper install -y webmin
+            ;;
+        arch)
+            # Webmin is available in AUR
+            log_warning "Webmin installation on Arch Linux requires manual AUR installation"
+            log_info "Please install Webmin manually from AUR: yay -S webmin"
+            log_info "Then run: sudo systemctl enable webmin && sudo systemctl start webmin"
+            return 0
+            ;;
+        *)
+            log_error "Webmin installation not supported for $DISTRO"
+            return 1
+            ;;
+    esac
+
+    # Enable and start Webmin service
+    handle_error sudo systemctl enable webmin
+    handle_error sudo systemctl start webmin
+
+    # Configure firewall for Webmin (port 10000)
+    configure_webmin_firewall
+
+    # Get IP address for access information
+    local ip_address=$(hostname -I | awk '{print $1}')
+
+    log_success "Webmin installed and configured"
+    log_info "Webmin is available at: https://${ip_address}:10000"
+    log_info "Default login: root / your root password"
+    log_warning "Important: Change the default password after first login!"
+    log_info "Note: Webmin uses self-signed SSL certificate - accept the security warning"
+
+    # Add to rollback
+    add_rollback_action "sudo systemctl disable webmin && sudo systemctl stop webmin && sudo apt remove -y webmin"
+}
+
+# Configure firewall for Webmin access
+configure_webmin_firewall() {
+    log_info "Configuring firewall for Webmin access..."
+
+    case $DISTRO in
+        ubuntu|debian|arch)
+            # UFW firewall
+            if command -v ufw &> /dev/null; then
+                handle_error sudo ufw allow 10000/tcp
+                log_info "UFW rule added: allow port 10000/tcp for Webmin"
+            fi
+            ;;
+        fedora|opensuse)
+            # Firewalld
+            if command -v firewall-cmd &> /dev/null; then
+                handle_error sudo firewall-cmd --permanent --add-port=10000/tcp
+                handle_error sudo firewall-cmd --reload
+                log_info "Firewalld rule added: allow port 10000/tcp for Webmin"
+            fi
+            ;;
+    esac
+}
+
+# Webmin configuration optimization
+configure_webmin() {
+    if [[ "${INSTALL_WEBMIN:-false}" != "true" ]]; then
+        return 0
+    fi
+
+    log_info "Configuring Webmin optimizations..."
+
+    # Webmin configuration file
+    local webmin_config="/etc/webmin/miniserv.conf"
+
+    if [[ -f "$webmin_config" ]]; then
+        # Increase session timeout
+        sudo sed -i 's/^session_timeout=.*/session_timeout=3600/' "$webmin_config"
+
+        # Configure SSL settings
+        sudo sed -i 's/^ssl=.*/ssl=1/' "$webmin_config"
+        sudo sed -i 's/^ssl_redirect=.*/ssl_redirect=1/' "$webmin_config"
+
+        # Restart Webmin to apply changes
+        handle_error sudo systemctl restart webmin
+
+        log_success "Webmin configuration optimized"
+    else
+        log_warning "Webmin configuration file not found - skipping optimization"
+    fi
+}